PT-2025-51675

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The crypto/zstd module contains a flaw where per-CPU streams can be freed multiple times, leading to a double-free issue. This occurs when multiple transform contexts tfms are allocated...

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from AFBC support causing rendering errors and vblank timeouts that may lead to display issues...

Ghostscript: NPDL device: Compression buffer overflow

A flaw was found in Artifex Ghostscript. The NPDL device has a compression buffer overflow for contrib/japanese/gdevnpdl.c...

Denial Of Service (DoS)

urllib3 is vulnerable to a Denial-Of-Service DoS. The vulnerability is due to an unbounded decompression chain, where nested compression layers are not limited, allowing a malicious server to send specially crafted responses that trigger excessive CPU usage and large memory allocation during...

[SECURITY] Fedora 43 Update: brotli-1.2.0-1.fc43

Brotli is a generic-purpose lossless compression algorithm that compresses da ta using a combination of a modern variant of the LZ77 algorithm, Huffman coding and 2nd order context modeling, with a compression ratio comparable to the be st currently available general-purpose compression methods. ...

CVE-2025-66214

Ladybug adds message-based debugging, unit, system, and regression testing to Java applications. Versions prior to 3.0-20251107.114628 contain the APIs /iaf/ladybug/api/report/storage and /iaf/ladybug/api/report/upload, which allow uploading gzip-compressed XML files with user-controllable conten...

Ghostscript: NPDL device: Compression buffer overflow

A flaw was found in Artifex Ghostscript. The NPDL device has a compression buffer overflow for contrib/japanese/gdevnpdl.c...

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

Security Bulletin: Netty Affected by Decompression Flaw Where BrotliDecoder Allocates Unlimited Buffers, Enabling DoS, affects watsonx.data

Summary Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In netty-codec-compression versions 4.1.124.Final and below, and netty-codec versions 4.2.4.Final and below, when supplied with specially...

CVE-2023-53866 ASoC: soc-compress: Reposition and add pcm_mutex

In the Linux kernel, the following vulnerability has been resolved: ASoC: soc-compress: Reposition and add pcmmutex If paniconwarn is set and compress streamDPCM is started, then kernel panic occurred because card-pcmmutex isn't held appropriately. In the following functions, warning were issued ...

RHEL 9 : ghostscript (RHSA-2025:22869)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:22869 advisory. The Ghostscript suite contains utilities for rendering PostScript and PDF documents. Ghostscript translates PostScript code to common bitmap formats...

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

EUVD-2025-201679

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

CVE-2025-66324

The CVE-2025-66324 entry concerns Huawei HarmonyOS with an input verification flaw in the compression/decompression module. The root cause is improper input validation. Impact is on app data integrity; CVSS/metrics in the sources indicate high integrity/overall risk, though explicit affected vers...

CVE-2025-66324

Input verification vulnerability in the compression and decompression module. Impact: Successful exploitation of this vulnerability may affect app data integrity...

Information-Dense Reasoning for Efficient and Auditable Security Alert Triage

Security Operations Centers face massive, heterogeneous alert streams under minute-level service windows, creating the Alert Triage Latency Paradox: verbose reasoning chains ensure accuracy and compliance but incur prohibitive latency and token costs, while minimal chains sacrifice transparency a...

PT-2025-49521

Name of the Vulnerable Software and Affected Versions affected versions not specified Description An input verification issue exists in the compression and decompression module. Successful exploitation could impact app data integrity. Recommendations At the moment, there is no information about a...

Linux Distros Unpatched Vulnerability : CVE-2025-66566

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - yawkat LZ4 Java provides LZ4 compression for Java. Insufficient clearing of the output buffer in Java- based decompressor implementations in lz4-java 1.10.0 and...